TRISS 2023 Presenters

Brian Manger

SOC Modernization - 5 Pillars for Driving Differentiation to Improve Security Operations

Brian has spent the last decade working to help solve security problems and drive security maturity. His career started in GRC and Risk Management consulting where he focused primarily in the healthcare vertical working on implementation and adoption of risk visibly and mitigation practices. From there he shifted into to the Network Security world where he led a team focused on helping customers in the financial, technology, manufacturing and healthcare verticals migrate their security technologies and tooling to better support their cloud transformations. Brian is now a Sr. Solutions Director at Deepwatch where he partners with organizations to help mature their security operations programs.

Nathan Cross

Scope Your Plan: Step One in the CMMC Compliance Journey

Nathan is a graduate student at Carnegie Mellon University, where he is pursuing his Master's in Information Security Policy & Management. He also works as a Cybersecurity Engineer for a small business DoD contractor, where he has experience assisting small businesses with CMMC compliance and helping them reduce their overall cybersecurity risk.

Grant Asplund

It’s a Snap Securing Your Multi-Cloud, Cloud-Native Deployments with CNAPP

For more than 25 years, Grant Asplund has been sharing his insights on how businesses can best protect themselves from sophisticated cyber-attacks in an increasingly complex world. As Check Point’s chief evangelist, he travels the world enthralling audiences with his passionate and relational storytelling at conferences like RSA and Next100 CIOs and numerous media interviews. Grant’s wide range of cyber security experience informs his talks, having served in diverse roles ranging from sales, marketing, business development, and senior management for Dome 9, Blue Coat Systems, Neustar, and Altor Networks. As CEO of MetaInfo, he led its acquisition by Neustar. Grant is the host of the CISO Secrets podcast ( and the Talking Cloud Podcast ( on Cloud security.

Ed Bailey

Three ways to transform your detection and response program to meet tomorrow's challenges.

Ed Bailey is a passionate engineering advocate with more than 20 years of experience in instrumenting a wide variety of applications, operating systems, and hardware for operations and security observability. He has spent his career working to empower users with the ability to understand their technical environment and make the right data-backed decisions quickly.

Brett Tucker

Measurement Matters: Seeking Ideal Metrics for Control Efficacy

Brett Tucker is the Technical Manager of Cyber Risk in the CERT Program at Carnegie Mellon University’s (CMU) Software Engineering Institute (SEI). Brett is responsible for a research and development portfolio focused on improving the security and resilience of the Nation’s critical infrastructure and assets with specific focus on risk management and resilience. Brett is also adjunct CERT Faculty at the Heinz College. Brett was also an appointee on Governor Holcomb's Special Advisory Committee for Cybersecurity for the state of Indiana. Brett has 20 years of experience in engineering, risk management, and technical management within the public and private sectors. Prior to joining the SEI, Brett was the Global Risk Manager for Westinghouse Electric Company where he managed the corporate enterprise risk portfolio and global insurance programs. Preceding that role at Westinghouse, Brett also managed a project controls organization as well as led the engineering, procurement, and installation of instrumentation & control suites for AP1000 nuclear reactor plants. Prior to Westinghouse, Brett served as an intelligence officer at the Central Intelligence Agency and also served as a defense contractor for the Naval Sea Systems Command. Brett is also a veteran of the United States Navy as a Surface Warfare Officer and a qualified Naval Nuclear Engineer in the Naval Nuclear Propulsion Program. Brett holds a Bachelor of Science degree in Chemical Engineering from the University of Notre Dame, a Master degree in Engineering Management from Old Dominion University, and an MBA from Penn State University. Brett is an active member in the local business community as a member of the Project Management Institute (PMI) and holds a Project Management Professional (PMP) certification from PMI. Brett is a member of the American Society for Quality (ASQ) and holds a certification as a Six Sigma Black Belt (CSSBB) from ASQ. Brett is also a Certified Information Security Systems Professional (CISSP) and Certified Governance, Risk, and Compliance Professional (CGRC), previously known as the Certified Authorization Professional (CAP) through ISC^2."